Just to get down to brass tacks, the representation in question in the letter seems to be:
"Also, during this past summer, we began discussions with New York Attorney General Cuomo, who suggested that now was the time to take our practice of last resort -- lawsuits -- and replace that form of deterrence with productive engagement by the ISP community in the form of graduated response programs. At his request, as an act of good faith in pursuing these alternatives, we discontinued initiating new lawsuits in August."
Presumably if every other major cell phone manufacturer can make pretty much identical phone models for GSM and CDMA, it can also by done by... Oh wait, it's Apple; nm. =)
Is that true even for "off-the-shelf" software (e.g. application software, operating systems, network services), as opposed to custom software (e.g. information systems specific to the organization's information needs)?
I applaud the effort by government IT to have more in-house knowledge about open source software (and about what software offerings are available in general).
But I don't really understand what it is about the procurement process that is a barrier to open source software.
If the procurement process involves publishing an open request for proposals (RFP), and then accepting bids from interested parties, then presumably anyone can read the RFP, doesn't that mean that any interested member of the public can figure out how to accomplish that with open source software, and then put in an offer to license it to the government for whatever they want?
"but this 180 degree shift doesn't make sense unless he is just pushing the program underground or plying for political favor somewhere."
Just to clarify, when conservatives eliminate programs when it is the fiscally responsible thing to do, does that become "plying for political favor" just because many of their supporters are more interested in that than the average person?
Back when the DMCA was being discussed before being passed into law, I recall that legislators had an understanding that "access controls" and "use controls" were two different things, with "access controls" being schemes to control access to the actual original unencrypted bits (1's and 0's) the work consisted of, and "use controls" being schemes to control what uses could be made of the work (presumably without access to the bits). The consensus seemed to be that the DMCA would restrict circumvention of "access controls", but avoid any special treatment of "use controls".
Now, the idea that "use controls" were necessarily separate from "access controls", or that they usually were separate and would continue to be separate with the presence of a powerful law like the DMCA, is seriously naive. I have many guesses about the source of those views (wishful thinking, not fully exploring various kinds of consequences of the law they were enacting, etc.) and those could eat a whole thread in themselves.
But, at least for "use controls" of a work that were not in any way also "access controls" of the work, it seemed to be clear: the DMCA provides no protection for those "use controls".
As a (fairly inventive) way of getting around this "shortcoming", Blizzard legal has decided to set aside for a moment the main copyrightable work in WoW (the object code and multimedia assets on provided on disc and sent to the user over the network, presumably the "literal elements"), and instead frame the "use" of those works as itself a work ("non-literal elements"). Now "use controls" of the first work, otherwise unprotected by the DMCA with respect to the first work, are actually protected, because they are also "access controls" of the second work.
Will the framing of use of a work as a separate copyrightable work (i.e. "non-literal elements" or somesuch) really hold under appeal? What other kinds of copyrighted works are also susceptible to this argument?
I see this comment a lot, and I suppose that many average Windows users don't see the seams and can't figure out what the fuss is about.
From my point of view as someone who has used Windows heavily for almost two decades, 2007-08 in Microsoft land has been the perfect storm of poor user experience for power users.
Here are the factors:
VISTA - The configuration dialog shell game that we've come to expect with every new Windows release - Deeper UI changes to features that I use several times a minute (e.g. alt-tab ordering, language cycling shortcuts) that had previously worked fine the way they were since Windows 95 or before; I'm not sure if Vista's UI designers knew what they were getting rid of - RAM usage that's off the hook and weird paging performance, thus the push to the x64 version - The x64 version's remaining hardware and software compatibility issues - Just general brokenness around configuration behaviour (e.g. language settings), hardware-related functionality (e.g. built-in burning with -RW disks), and general system behaviour (why would it ever make sense to launch the task manager minimized when the task bar becomes unresponsive at the drop of a hat when an app isn't responding?) that ultimately should have been found in testing and fixed before the product got out the door - I'm sure there are things I'm forgetting about here. - With all the risk taking with the UI, why not also address underlying OS problems that have been around for years (e.g. mysteriously in-use files getting in the way of deletes and ejecting USB drives, the buggy aforementioned built-in burning?) - The icing on the cake: Microsoft choosing to stubbornly phase out XP, so most OEM buyers and most corporate buyers are stuck with Vista for new installs even if they (or their staff) would prefer XP. Microsoft's pacing is really what took the patchable brokenness and the performance problems from being theoretical issues to real ones for power users.
OFFICE 2007 - Although not a reason to knock Vista, this is certainly part of the perfect storm, since like Vista, Office 2007 throws out a bunch of the previous product's tried-and-true UI (the whole menu structure) and rethinks it, and MS has taken the same approach to phasing it in as for Vista, so for new installs, it's just as unavoidable as Vista. Because it largely works properly and performs OK (cynical view: higher unit price -> more exhaustive testing?,) and because I can at least come up with plausible explanations for all of the UI changes they made, it's not quite as hard a pill for me to swallow as Vista but still another layer of icing on the cake.
So yeah...
I realize that I'm being a snooty power user here. Not everyone wants or needs backwards compatibility. And although the $100+ retail sticker price and huge market share of Windows suggest that MS should spend a lot on testing, the realities of OEM pricing and keeping the shareholders happy mean that MS has to stretch their usability testing dollar a long way. So, power-user oriented features with limited appeal must get the short end of the stick.
On that note, there are things that Vista has done right: - The layer of awful networking wizards are a highly nuanced topic in themselves, but despite being harder to avoid than the ones in XP, they seem to have more informative automated functionality and that's ultimately a win - The search box on the start menu is a killer power-user feature (even if I was going to use Launchy anyway) - The more detailed performance monitoring in the Task Manager as well as the Performance control panel/snap-in is impressive - You'll note that I haven't mentioned User Account Control (UAC) in the minuses... That's because, despite the warts (e.g. tapping my fingers while a low priority process waits to redraw the whole screen that it has just taken over) I think UAC is a real security improvement for power users and has been sorely needed for a long time... BUT I can certainly understand that for averag
Strictly speaking, it may be true to say that a website TOS violation was "a circumstance obviously not considered in the law's formulation and passage" because web sites weren't around when CFAA became law. But don't read anything more into that; plenty of online services (including BBSes and similar dial up hosts accessible without charge) had terms of use or terms of service at the time the CFAA went into effect.
I didn't have to think too hard when I first heard about the CFAA to realize that "unauthorized use" was a huge, poorly defined can of worms. And it was clear to me that there was going to be some PR fall out eventually, even if the modem never made it past being a niche product for IT departments and geeky hobbyists.
Bruce Sterling's retelling of the E-911 document saga in his book "The Hacker Crackdown" (http://www.mit.edu/hacker/hacker.html) will give you a taste of the Catch-22 climate that the CFAA fits perfectly into.
Now, I don't mean to dismiss the possibility that using a web site against terms might not, in some cases, be "unauthorized use". People are suggesting potential arguments for that here that I haven't heard of before (e.g. "habitual tolerance", "failure to notify") that if effective could cut a wide swath out of existing web site TOSes. But despite all of that, there are still going to be some fraction of web site terms that were properly executed and are properly being enforced, and so are still binding. And a pretty plain reading of the CFAA tells me that breaking any of those ones is at least a misdemeanor even when there is no "collateral damage".
Anyway, what really irks me about this whole situation is this: The CNNs of the world love the 'hacker bust' and have reported over the years about literally hundreds of convictions under the CFAA, even before the Internet became an everyday tool for the average person. Likewise, they've reported about big lawsuits by web site operators against companies that get data from their web sites for purposes they don't approve of (like competitive shopping and news aggregation) and most of these complaints hinge on a TOS violation of some kind. But they haven't had the ability or the inclination to put 1 and 1 together until now. What?
I mean, I'm used to the quality of mainstream media reporting about computing in general and network security in particular being poor. They take the "Hitchhiker's Guide" approach: their coverage may be "apocryphal, or at least wildly inaccurate", but despite this (or maybe because of it) it is designed to harness as much public PANIC as possible. (Apologies to the late Douglas Adams.) I've largely accepted this awful journalism as an unalterable fact of life, and I don't worry about it too much anymore.
But is it asking too much for them to fulfil even that limited mandate?
Maybe the true-crime sensationalism of this case is what was needed for them to take notice. If so, that's kind of sad.
I'd be interested to actually read that whole victim impact statement if someone has the link. I'll admit, I'm skeptical that it will actually talk about the impact, but if it does I'm interested to hear what they have to say.
Also, I have to say I'm a little saddend at you, Slashdot posters, that so few of you have anything to say about that "no video recording equipment outside his home" restriction. It's ridiculously excessive, since it's a blanket prohibition (like prohibiting a convicted document forger from carrying so much as an HB pencil outside his house). And it's basically unenforceable, as the guy can certainly still acquire a video camera at any retail electronics store that can be hidden away in his pocket to get past the velvet rope, so the prohibition is hard to justify even purely on the basis of its crime prevention value. (A ban on entering movie theatres would probably be more effective.) Pretty soon you'll be telling me that giving the Mitnicks of the world access to programmable calculators and musical greeting cards is "being soft on crime."
Er... I meant to say that another law clarifying things for the courts is needed _in_the_US_. If you happen to live in a country where courts seem to be able to understand the details of new technology and figure out how existing law applies to it (*cough* http://yro.slashdot.org/article.pl?sid=08/10/27/2134214 *cough*) then no special laws plz.
>Without the DMCA, those (media) companies would have had to file lawsuits that would have quickly and explicitly carved out the limits of fair use, which would be good for us and not for them.
I'm not sure I would trust the courts to make the right decisions about fair use when it comes to the Internet.
From the bits and pieces of US court rulings I've heard since the Internet gained popularity (~1993 to present), I've noticed a trend: When US courts are faced with cases involving technology they don't understand the details of, they sometimes ignore the existing well-established law that anyone familiar with the technology could see was obviously relevant and instead toss a coin and follow one party or another's 'creative' (i.e. off-the-wall) theories without anyone providing substantial arguments in support of any of the theories.
I can't remember every unquestioningly-accepted theory that has led me to this conclusion, but off the top of my head, the highlights are: - Treating domain names as property - Applying trademark restrictions to queries (e.g. DNS lookups and web searches) - Deeming linking to a document to be the same as copying or distributing it - More generally, assigning responsibility for actions automatically carried out by a computer to [any of: the computer's owner, operator, designer, manufacturer, programmer] without suggesting negligence or giving any other reason for this at all
In any case, all of this means that I'm a little uncertain where (or in what ballpark) a US court would put the boundaries for fair use on the Internet. =)
I'm not saying that the DMCA is the answer (it's about 180 degrees from it), but I think another law clarifying things for the courts was (and still is?) what is needed.
My understanding is that neither USB- or PCI-to-ISA bridges are a 100% compatible solution (in terms of the communications methods supported, architecture on the host side, and timing issues). For instance, there seems to be a glut of PCI to ISA adapters that don't support DMA. If your device's needs fit within the limitations of the bridge and you have a driver for the device that will work, perhaps a driver compatibility solution for you platform included with the bridge that lets you use the original drivers for the device, then that's great. If I wanted to get a device going, and I didn't really know the details of its i/o, I'd consider buying a bridge product and trying to get it going as an experiment, but it's easy to see that as a lot of expense and trouble for a project where a $5 yard sale motherboard would get the job done quickly.
People were accessing Internet e-mail software remotely via text terminals across the world even almost before anyone had a networked computer on their own desk that could run e-mail software directly. And the standard protocol for remote terminal access these days, SSH, uses ad-hoc key encryption key negotiation so it doesn't leave anything behind for third parties to use to decode the traffic later. *Poof* No more monitoring.
But, more generally, the nature of the Internet means that monitoring of a couple of vanilla protocols in the small percentage of the world's Internet hosts that happen to be in some geographical area isn't going to catch communications between dedicated, thorough criminals who have time to prepare and learn things about security.
Make of that what you will; either 1) the powers that be in the UK don't understand the nature of the Internet, or 2) they feel this will be worthwhile even just to catch the few big fish that are sloppy, or 3) perhaps they don't care about "proportionality" at all and this net is intended for what it's obviously much better suited for: catching lots of small fish (unintentional, unprepared, or small-time crooks).
If I tended to think that legislators, when it came to technology regulation, were ignorant about the real world and often went off half-cocked, then I would favour the first theory.
If I tended to think that politicians were overly sentimental and/or spendthrifts, then I would favour the second theory.
As it stands I have trouble deciding between those first two theories. =)
That last theory is what usually feeds the big-brother paranoia of computer security people. Since it usually comes along with some kind of conspiracy theory about a secret organization, I don't usually give it credence. However, although I don't read a lot of news from the UK, it definitely caught my attention when it came out earlier this year that some local council was using RIPA Act criminal surveillance powers to vet three-year olds' school applications.
In my experience, one person's victimless crime is always the threshold of someone else's absolute moral inflexibility and vice versa, and while so many laws are loved and hated in different circles because of this, those laws' own unenforceability protects us from dealing with them or spending any time on their controversies.
The fallout of small organizations having access to espionage may be limited, but it will also be unpredictable.
And don't forget: If chutzpah and not know-how is what will get you in the door, be prepared to work in an organization that is gung-ho but a little short on skills. =)
Slashdot Mirror
Just to get down to brass tacks, the representation in question in the letter seems to be:
"Also, during this past summer, we began discussions with New York Attorney General Cuomo, who suggested that now was the time to take our practice of last resort -- lawsuits -- and replace that form of deterrence with productive engagement by the ISP community in the form of graduated response programs. At his request, as an act of good faith in pursuing these alternatives, we discontinued initiating new lawsuits in August."
... they discontinued initiating lawsuits on August 31st and started right up again on September 1st. Everyone needs a few hours off now and then. =)
Presumably if every other major cell phone manufacturer can make pretty much identical phone models for GSM and CDMA, it can also by done by... Oh wait, it's Apple; nm. =)
Tens of billions? That's like $100k/tower. The equipment is expensive, but is it _that_ expensive?
I think kdawson's Google is broken...
Is that true even for "off-the-shelf" software (e.g. application software, operating systems, network services), as opposed to custom software (e.g. information systems specific to the organization's information needs)?
I applaud the effort by government IT to have more in-house knowledge about open source software (and about what software offerings are available in general).
But I don't really understand what it is about the procurement process that is a barrier to open source software.
If the procurement process involves publishing an open request for proposals (RFP), and then accepting bids from interested parties, then presumably anyone can read the RFP, doesn't that mean that any interested member of the public can figure out how to accomplish that with open source software, and then put in an offer to license it to the government for whatever they want?
Does a deterrent plan ultimately require an invasion?
"but this 180 degree shift doesn't make sense unless he is just pushing the program underground or plying for political favor somewhere."
Just to clarify, when conservatives eliminate programs when it is the fiscally responsible thing to do, does that become "plying for political favor" just because many of their supporters are more interested in that than the average person?
Here's my take on this business.
Back when the DMCA was being discussed before being passed into law, I recall that legislators had an understanding that "access controls" and "use controls" were two different things, with "access controls" being schemes to control access to the actual original unencrypted bits (1's and 0's) the work consisted of, and "use controls" being schemes to control what uses could be made of the work (presumably without access to the bits). The consensus seemed to be that the DMCA would restrict circumvention of "access controls", but avoid any special treatment of "use controls".
Now, the idea that "use controls" were necessarily separate from "access controls", or that they usually were separate and would continue to be separate with the presence of a powerful law like the DMCA, is seriously naive. I have many guesses about the source of those views (wishful thinking, not fully exploring various kinds of consequences of the law they were enacting, etc.) and those could eat a whole thread in themselves.
But, at least for "use controls" of a work that were not in any way also "access controls" of the work, it seemed to be clear: the DMCA provides no protection for those "use controls".
As a (fairly inventive) way of getting around this "shortcoming", Blizzard legal has decided to set aside for a moment the main copyrightable work in WoW (the object code and multimedia assets on provided on disc and sent to the user over the network, presumably the "literal elements"), and instead frame the "use" of those works as itself a work ("non-literal elements"). Now "use controls" of the first work, otherwise unprotected by the DMCA with respect to the first work, are actually protected, because they are also "access controls" of the second work.
Will the framing of use of a work as a separate copyrightable work (i.e. "non-literal elements" or somesuch) really hold under appeal? What other kinds of copyrighted works are also susceptible to this argument?
I see this comment a lot, and I suppose that many average Windows users don't see the seams and can't figure out what the fuss is about.
From my point of view as someone who has used Windows heavily for almost two decades, 2007-08 in Microsoft land has been the perfect storm of poor user experience for power users.
Here are the factors:
VISTA
- The configuration dialog shell game that we've come to expect with every new Windows release
- Deeper UI changes to features that I use several times a minute (e.g. alt-tab ordering, language cycling shortcuts) that had previously worked fine the way they were since Windows 95 or before; I'm not sure if Vista's UI designers knew what they were getting rid of
- RAM usage that's off the hook and weird paging performance, thus the push to the x64 version
- The x64 version's remaining hardware and software compatibility issues
- Just general brokenness around configuration behaviour (e.g. language settings), hardware-related functionality (e.g. built-in burning with -RW disks), and general system behaviour (why would it ever make sense to launch the task manager minimized when the task bar becomes unresponsive at the drop of a hat when an app isn't responding?) that ultimately should have been found in testing and fixed before the product got out the door
- I'm sure there are things I'm forgetting about here.
- With all the risk taking with the UI, why not also address underlying OS problems that have been around for years (e.g. mysteriously in-use files getting in the way of deletes and ejecting USB drives, the buggy aforementioned built-in burning?)
- The icing on the cake: Microsoft choosing to stubbornly phase out XP, so most OEM buyers and most corporate buyers are stuck with Vista for new installs even if they (or their staff) would prefer XP. Microsoft's pacing is really what took the patchable brokenness and the performance problems from being theoretical issues to real ones for power users.
OFFICE 2007
- Although not a reason to knock Vista, this is certainly part of the perfect storm, since like Vista, Office 2007 throws out a bunch of the previous product's tried-and-true UI (the whole menu structure) and rethinks it, and MS has taken the same approach to phasing it in as for Vista, so for new installs, it's just as unavoidable as Vista. Because it largely works properly and performs OK (cynical view: higher unit price -> more exhaustive testing?,) and because I can at least come up with plausible explanations for all of the UI changes they made, it's not quite as hard a pill for me to swallow as Vista but still another layer of icing on the cake.
So yeah...
I realize that I'm being a snooty power user here. Not everyone wants or needs backwards compatibility. And although the $100+ retail sticker price and huge market share of Windows suggest that MS should spend a lot on testing, the realities of OEM pricing and keeping the shareholders happy mean that MS has to stretch their usability testing dollar a long way. So, power-user oriented features with limited appeal must get the short end of the stick.
On that note, there are things that Vista has done right:
- The layer of awful networking wizards are a highly nuanced topic in themselves, but despite being harder to avoid than the ones in XP, they seem to have more informative automated functionality and that's ultimately a win
- The search box on the start menu is a killer power-user feature (even if I was going to use Launchy anyway)
- The more detailed performance monitoring in the Task Manager as well as the Performance control panel/snap-in is impressive
- You'll note that I haven't mentioned User Account Control (UAC) in the minuses... That's because, despite the warts (e.g. tapping my fingers while a low priority process waits to redraw the whole screen that it has just taken over) I think UAC is a real security improvement for power users and has been sorely needed for a long time... BUT I can certainly understand that for averag
ACM attacks to control High School with the assistance of Obama and Goldfish Fanciers...
Biggest and most dubious product placement evar?
She may not be naked, but I'm sure if she's googled herself that she's pretty petrified by now. =)
Well, first you choose a storyline for which everyone knows the ending...
er... you mean you "attempted suicide"?
And some free advice, ppl: Life may sometimes seem like a long term problem, but certainly death is a much longer term one.
Strictly speaking, it may be true to say that a website TOS violation was "a circumstance obviously not considered in the law's formulation and passage" because web sites weren't around when CFAA became law. But don't read anything more into that; plenty of online services (including BBSes and similar dial up hosts accessible without charge) had terms of use or terms of service at the time the CFAA went into effect.
I didn't have to think too hard when I first heard about the CFAA to realize that "unauthorized use" was a huge, poorly defined can of worms. And it was clear to me that there was going to be some PR fall out eventually, even if the modem never made it past being a niche product for IT departments and geeky hobbyists.
Bruce Sterling's retelling of the E-911 document saga in his book "The Hacker Crackdown" (http://www.mit.edu/hacker/hacker.html) will give you a taste of the Catch-22 climate that the CFAA fits perfectly into.
Now, I don't mean to dismiss the possibility that using a web site against terms might not, in some cases, be "unauthorized use". People are suggesting potential arguments for that here that I haven't heard of before (e.g. "habitual tolerance", "failure to notify") that if effective could cut a wide swath out of existing web site TOSes. But despite all of that, there are still going to be some fraction of web site terms that were properly executed and are properly being enforced, and so are still binding. And a pretty plain reading of the CFAA tells me that breaking any of those ones is at least a misdemeanor even when there is no "collateral damage".
Anyway, what really irks me about this whole situation is this: The CNNs of the world love the 'hacker bust' and have reported over the years about literally hundreds of convictions under the CFAA, even before the Internet became an everyday tool for the average person. Likewise, they've reported about big lawsuits by web site operators against companies that get data from their web sites for purposes they don't approve of (like competitive shopping and news aggregation) and most of these complaints hinge on a TOS violation of some kind. But they haven't had the ability or the inclination to put 1 and 1 together until now. What?
I mean, I'm used to the quality of mainstream media reporting about computing in general and network security in particular being poor. They take the "Hitchhiker's Guide" approach: their coverage may be "apocryphal, or at least wildly inaccurate", but despite this (or maybe because of it) it is designed to harness as much public PANIC as possible. (Apologies to the late Douglas Adams.) I've largely accepted this awful journalism as an unalterable fact of life, and I don't worry about it too much anymore.
But is it asking too much for them to fulfil even that limited mandate?
Maybe the true-crime sensationalism of this case is what was needed for them to take notice. If so, that's kind of sad.
I'd be interested to actually read that whole victim impact statement if someone has the link. I'll admit, I'm skeptical that it will actually talk about the impact, but if it does I'm interested to hear what they have to say.
Also, I have to say I'm a little saddend at you, Slashdot posters, that so few of you have anything to say about that "no video recording equipment outside his home" restriction. It's ridiculously excessive, since it's a blanket prohibition (like prohibiting a convicted document forger from carrying so much as an HB pencil outside his house). And it's basically unenforceable, as the guy can certainly still acquire a video camera at any retail electronics store that can be hidden away in his pocket to get past the velvet rope, so the prohibition is hard to justify even purely on the basis of its crime prevention value. (A ban on entering movie theatres would probably be more effective.) Pretty soon you'll be telling me that giving the Mitnicks of the world access to programmable calculators and musical greeting cards is "being soft on crime."
When I said I wanted my next girlfriend to be more one-dimensional that was not what I had in mind... =)
Er... To be fair, the version of that act that Clinton signed into law had less than 1/6th of the vote opposing in both houses...
Er... I meant to say that another law clarifying things for the courts is needed _in_the_US_. If you happen to live in a country where courts seem to be able to understand the details of new technology and figure out how existing law applies to it (*cough* http://yro.slashdot.org/article.pl?sid=08/10/27/2134214 *cough*) then no special laws plz.
>Without the DMCA, those (media) companies would have had to file lawsuits that would have quickly and explicitly carved out the limits of fair use, which would be good for us and not for them.
I'm not sure I would trust the courts to make the right decisions about fair use when it comes to the Internet.
From the bits and pieces of US court rulings I've heard since the Internet gained popularity (~1993 to present), I've noticed a trend: When US courts are faced with cases involving technology they don't understand the details of, they sometimes ignore the existing well-established law that anyone familiar with the technology could see was obviously relevant and instead toss a coin and follow one party or another's 'creative' (i.e. off-the-wall) theories without anyone providing substantial arguments in support of any of the theories.
I can't remember every unquestioningly-accepted theory that has led me to this conclusion, but off the top of my head, the highlights are:
- Treating domain names as property
- Applying trademark restrictions to queries (e.g. DNS lookups and web searches)
- Deeming linking to a document to be the same as copying or distributing it
- More generally, assigning responsibility for actions automatically carried out by a computer to [any of: the computer's owner, operator, designer, manufacturer, programmer] without suggesting negligence or giving any other reason for this at all
In any case, all of this means that I'm a little uncertain where (or in what ballpark) a US court would put the boundaries for fair use on the Internet. =)
I'm not saying that the DMCA is the answer (it's about 180 degrees from it), but I think another law clarifying things for the courts was (and still is?) what is needed.
My understanding is that neither USB- or PCI-to-ISA bridges are a 100% compatible solution (in terms of the communications methods supported, architecture on the host side, and timing issues). For instance, there seems to be a glut of PCI to ISA adapters that don't support DMA. If your device's needs fit within the limitations of the bridge and you have a driver for the device that will work, perhaps a driver compatibility solution for you platform included with the bridge that lets you use the original drivers for the device, then that's great. If I wanted to get a device going, and I didn't really know the details of its i/o, I'd consider buying a bridge product and trying to get it going as an experiment, but it's easy to see that as a lot of expense and trouble for a project where a $5 yard sale motherboard would get the job done quickly.
People were accessing Internet e-mail software remotely via text terminals across the world even almost before anyone had a networked computer on their own desk that could run e-mail software directly. And the standard protocol for remote terminal access these days, SSH, uses ad-hoc key encryption key negotiation so it doesn't leave anything behind for third parties to use to decode the traffic later. *Poof* No more monitoring.
But, more generally, the nature of the Internet means that monitoring of a couple of vanilla protocols in the small percentage of the world's Internet hosts that happen to be in some geographical area isn't going to catch communications between dedicated, thorough criminals who have time to prepare and learn things about security.
Make of that what you will; either 1) the powers that be in the UK don't understand the nature of the Internet, or 2) they feel this will be worthwhile even just to catch the few big fish that are sloppy, or 3) perhaps they don't care about "proportionality" at all and this net is intended for what it's obviously much better suited for: catching lots of small fish (unintentional, unprepared, or small-time crooks).
If I tended to think that legislators, when it came to technology regulation, were ignorant about the real world and often went off half-cocked, then I would favour the first theory.
If I tended to think that politicians were overly sentimental and/or spendthrifts, then I would favour the second theory.
As it stands I have trouble deciding between those first two theories. =)
That last theory is what usually feeds the big-brother paranoia of computer security people. Since it usually comes along with some kind of conspiracy theory about a secret organization, I don't usually give it credence. However, although I don't read a lot of news from the UK, it definitely caught my attention when it came out earlier this year that some local council was using RIPA Act criminal surveillance powers to vet three-year olds' school applications.
In my experience, one person's victimless crime is always the threshold of someone else's absolute moral inflexibility and vice versa, and while so many laws are loved and hated in different circles because of this, those laws' own unenforceability protects us from dealing with them or spending any time on their controversies.
The fallout of small organizations having access to espionage may be limited, but it will also be unpredictable.
And don't forget: If chutzpah and not know-how is what will get you in the door, be prepared to work in an organization that is gung-ho but a little short on skills. =)